RA-9: Criticality Analysis

From NIST's SP800-53:

Identify critical system components and functions by performing a criticality analysis for [Assignment: organization-defined systems, system components, or system services] at [Assignment: organization-defined decision points in the system development life cycle].

Cyber Threat Graph Context

Explore how this control relates to the wider threat graph

MITRE ATT&CK Techniques

See which MITRE ATT&CK techniques this control helps to protect against.

ATT&CK ID	Title	Associated Tactics
T1601	Modify System Image	Defense Evasion
T1601.001	Patch System Image	Defense Evasion
T1601.002	Downgrade System Image	Defense Evasion
T1542	Pre-OS Boot	Defense Evasion, Persistence
T1542.003	Bootkit	Defense Evasion, Persistence
T1553.006	Code Signing Policy Modification	Defense Evasion
T1553	Subvert Trust Controls	Defense Evasion
T1495	Firmware Corruption	Impact
T1542.005	TFTP Boot	Defense Evasion, Persistence
T1195.003	Compromise Hardware Supply Chain	Initial Access
T1542.001	System Firmware	Defense Evasion, Persistence
T1542.004	ROMMONkit	Defense Evasion, Persistence